<?php
/*****************************************************************************\
+-----------------------------------------------------------------------------+
| X-Cart                                                                      |
| Copyright (c) 2001-2007 Ruslan R. Fazliev <rrf@rrf.ru>                      |
| All rights reserved.                                                        |
+-----------------------------------------------------------------------------+
| PLEASE READ  THE FULL TEXT OF SOFTWARE LICENSE AGREEMENT IN THE "COPYRIGHT" |
| FILE PROVIDED WITH THIS DISTRIBUTION. THE AGREEMENT TEXT IS ALSO AVAILABLE  |
| AT THE FOLLOWING URL: http://www.x-cart.com/license.php                     |
|                                                                             |
| THIS  AGREEMENT  EXPRESSES  THE  TERMS  AND CONDITIONS ON WHICH YOU MAY USE |
| THIS SOFTWARE   PROGRAM   AND  ASSOCIATED  DOCUMENTATION   THAT  RUSLAN  R. |
| FAZLIEV (hereinafter  referred to as "THE AUTHOR") IS FURNISHING  OR MAKING |
| AVAILABLE TO YOU WITH  THIS  AGREEMENT  (COLLECTIVELY,  THE  "SOFTWARE").   |
| PLEASE   REVIEW   THE  TERMS  AND   CONDITIONS  OF  THIS  LICENSE AGREEMENT |
| CAREFULLY   BEFORE   INSTALLING   OR  USING  THE  SOFTWARE.  BY INSTALLING, |
| COPYING   OR   OTHERWISE   USING   THE   SOFTWARE,  YOU  AND  YOUR  COMPANY |
| (COLLECTIVELY,  "YOU")  ARE  ACCEPTING  AND AGREEING  TO  THE TERMS OF THIS |
| LICENSE   AGREEMENT.   IF  YOU    ARE  NOT  WILLING   TO  BE  BOUND BY THIS |
| AGREEMENT, DO  NOT INSTALL OR USE THE SOFTWARE.  VARIOUS   COPYRIGHTS   AND |
| OTHER   INTELLECTUAL   PROPERTY   RIGHTS    PROTECT   THE   SOFTWARE.  THIS |
| AGREEMENT IS A LICENSE AGREEMENT THAT GIVES  YOU  LIMITED  RIGHTS   TO  USE |
| THE  SOFTWARE   AND  NOT  AN  AGREEMENT  FOR SALE OR FOR  TRANSFER OF TITLE.|
| THE AUTHOR RETAINS ALL RIGHTS NOT EXPRESSLY GRANTED BY THIS AGREEMENT.      |
|                                                                             |
| The Initial Developer of the Original Code is Ruslan R. Fazliev             |
| Portions created by Ruslan R. Fazliev are Copyright (C) 2001-2007           |
| Ruslan R. Fazliev. All Rights Reserved.                                     |
+-----------------------------------------------------------------------------+
\*****************************************************************************/

#
# $Id: cc_ideb.php,v 1.7.2.5 2007/09/07 08:28:33 max Exp $
#

if (defined('XCART_START')) {

	# Redirect to gateway

	$ordr = str_replace(" ", "", $module_params["param05"].join("-",$secure_oid));
    if (!$duplicate)
        db_query("REPLACE INTO $sql_tbl[cc_pp3_data] (ref,sessionid) VALUES ('".addslashes($ordr)."','".$XCARTSESSID."')");

	$fields = array(
		"merchant" => $module_params["param01"],
		"amount" => (100*$cart["total_cost"]),
		"currency" => $module_params["param04"],
		"orderid" => $ordr,
		"accepturl" => $current_location."/payment/cc_ideb.php",
		"cancelurl" => $current_location."/payment/cc_ideb.php",
		"declineurl" => $current_location."/payment/cc_ideb.php",
		"cardno" => $userinfo["card_number"],
		"expmon" => substr($userinfo["card_expire"], 0, 2),
		"expyear" => substr($userinfo["card_expire"], 2, 2),
		"cvc" => $userinfo["card_cvv2"],
		"uniqueoid" => "true",
		"ip" => func_get_valid_ip($REMOTE_ADDR)
	);

	if ($module_params['testmode'] == 'Y')
		$fields["test"] = "yes";

	if (is_visa($userinfo["card_number"]) || is_mc($userinfo["card_number"]))
		func_create_payment_form("https://payment.architrade.com/cgi-ssl/3dsecure.cgi", $fields, "DIBS");	
	else
		func_create_payment_form("https://payment.architrade.com/cgi-ssl/auth.cgi", $fields, "DIBS");

} else {

	# Return

	require "./auth.php";

	if (!func_is_active_payment("cc_ideb.php") || empty($orderid))
		exit;

	x_load("http");

	$module_params = func_query_first("SELECT * FROM $sql_tbl[ccprocessors] WHERE processor = 'cc_ideb.php'");

	$bill_output["sessid"] = func_query_first_cell("SELECT sessionid FROM $sql_tbl[cc_pp3_data] WHERE ref = '".$orderid."'");
	if (empty($bill_output["sessid"]))
		exit;

	$errcodes = array(
		"0" => "Rejected by acquirer",
		"1" => "Communication problems",
		"2" => "Error in the parameters sent to the DIBS server",
		"3" => "Error at the acquirer",
		"4" => "Credit card expired",
		"5" => "Your shop does not support this credit card type, the credit card type could not be identified, or the credit card number was not modulus correct",
		"6" => "Instant capture failed",
		"7" => "The order number (orderid) is not unique",
		"8" => "There number of amount parameters does not correspond to the number given in the split parameter",
		"9" => "Control numbers (cvc) are missing",
		"10" => "The credit card does not comply with the credit card type",
		"11" => "Declined by DIBS Defender"
	);

	$errcodes_capture = array(
		"1" => "No response from acquirer",
		"2" => "Error in parameters sent to the DIBS server",
		"3" => "Credit card expired",
		"4" => "Rejected by acquirer",
		"5" => "Authorisation older than 7 days",
		"6" => "Transaction status on the DIBS server does not allow capture",
		"7" => "Amount too high",
		"8" => "Amount is zero",
		"9" => "Order number (orderid) does not correspond to the authorisation order number",
		"10" => "Re-authorisation of the transaction was rejected",
		"11" => "Not able to communicate with the acquier",
		"15" => "Capture was blocked by DIBS"
	);

	if (empty($authkey)) {
		$bill_output['code'] = 2;
		if (!isset($errcodes[$reason]))
			$bill_output['billmes'] = "Code: ".$reason;
		else
			$bill_output['billmes'] = $errcodes[$reason]."; code: ".$reason;

	} else {
		$bill_output['code'] = 1;

		$payment_return = array(
			"cost" => $amount/100,
			"currency" => $currency,
			"_currency" => $module_params['param04']
		);

		$post = array(
			"merchant=".$module_params["param01"],
			"amount=".intval($amount),
			"transact=".intval($transact),
			"orderid=".$orderid,
			"textreply=yes"
		);

		list($a, $return) = func_https_request("POST", "https://payment.architrade.com/cgi-bin/capture.cgi", $post);

		$ret = array();
		parse_str($return, $ret);

		if (!isset($ret['result'])) {
			$bill_output['code'] = 2;
			$bill_output['billmes'] = "Internal error.";

		} elseif ($ret['result'] == 0) {
			$bill_output['code'] = 1;

		} else {
			$bill_output['code'] = 2;
			if (!isset($errcodes_capture[$reason]))
				$bill_output['billmes'] = "Code: ".$ret['result'];
			else
				$bill_output['billmes'] = $errcodes_capture[$ret['result']]."; code: ".$ret['result'];
		}
	}

	require_once $xcart_dir."/payment/payment_ccend.php";
}
exit;
?>
